Term Paper: Frog Boiling Attack Limitations of Secure Network Coordinate Systems

Pages: 10 (3923 words)  ·  Bibliography Sources: 10  ·  Level: Doctorate  ·  Topic: Business

… frog-boiling attack studied and carried out by Chan-Tin, et al. (2011). The goal of the attack is to infiltrate a network coordinate system without knowledge of the system and without disrupting the system to the point that the attack will fail. The "frog-boiling" attack is named after a theory that a frog placed in cold water will not jump out of the water as the temperature is slowly raised. Eventually, the frog will be boiled to death without noticing the temperature change, because it is so gradual. In theory, the same general rule can be applied to the network coordinate system. If a change is gradual enough to go undetected by the failsafes in place to catch attacks and malfunctions, the entire system can be attacked, taken over, or badly damaged because the change was too slow to be noticed until it is too late. Chan-Tin, et al. (2011) noticed that this could be done on all network coordinate systems with three different types of attacks. Even with other filters in place to prevent the danger, nothing could be done to stop the slow, gradual attacks. This led the researchers to determine that the frog-boiling attack was one way in which a network coordinate system could be overtaken, and that these systems are not safe to use until this is corrected. Possible solutions include filters that pick up anomalies, but so far even these types of filters have not been successful on prolonged, serious, and strategic attacks.

A Review of the Frog-Boiling Attack: Limitations of Secure Network Coordinate Systems

Introduction

There is a theory about frogs that says if one places a frog into a pot of boiling water, that frog will immediately jump out because of the heat. That same theory also says that a frog can be placed into cold water and the temperature can be gradually raised. Because the frog will not, allegedly, notice the minor increases in temperature, it is possible for the frog to be boiled to death that way. While this sounds more like something out of an unpleasant science experiment, the same analogy has been used by Chan-Tin, et al. (2011) to show that secure network coordinate systems may not be so secure after all.

The theory is that these networks will notice large-scale or significant attacks, but that they will not notice attacks on a much smaller and more incremental scale (Barreno, et al., 2006; Shavitt & Tankel, 2003; Sherr, Blaze, & Loo, 2009). With that being the case, anyone who uses a slow, simple, nearly gentle attack on a network system can change the nodes enough over time to make them significantly different from what they were originally. Because the attack is so gradual, the differences in the nodes are not great enough each time they are changed to send up any red flags about what is taking place (Bavier, et al., 2004; Kaafar, et al., 2007). The end result is far different from what is seen in the beginning, but there is no evidence of attack (Chan-Tin, et al., 2011).

Naturally, this is a highly ingenious way of attacking a network and skirting its security systems. It has been termed the frog-boiling attack for the way it starts out safe and slowly changes to something dangerous without the notice of the affected (injured) party (Chan-Tin, et al., 2011). Think of the gradual changes in nodes as the slowly-rising temperature of the water. The network is the frog. Chan-Tin, et al. (2011) have studied this extensively and shown how this particular attack can be used to thwart the security of three systems thought to be the most reputable and safe due to their high-level and very carefully designed security measures.

These three systems are Veracity, Vivaldi, and Vuze BitTorrent. There will be three different kinds of attacks used, and it will be shown how they can be highly effective when they are used properly, even against "secure" systems that are carefully designed to avoid problems. The issue is with the variance required to trigger a flag that there is a problem. Remaining under that variance level triggers nothing, but still changes the node (Chan-Tin, et al., 2011). Lying to the node too much will flag a problem. Lying to the node too little will not make the desired changes. By lying just the right amount to all the nodes continuously, the frog-boiling attack can be implemented on any secure system, as will be shown here.

Basic-Targeted Attack

The basic-targeted attack is one that targets a particular node and singles it out. Once the node has been chosen, the attack is launched, and the goal is to slowly change the coordinates of that node (Chan-Tin, et al., 2011). This must be done carefully, and in very small steps, or it will not be successful. In order to determine how to do this properly, a clear understanding of the node and of how the system in which that node is located works is needed. Pyxida, for example, only updates node coordinates when it is pinged. That means that the node that is the victim of the attack must contact the nodes that are attacking in order for the attack to be successful. If 10% of the nodes in the network are attackers, the node being attacked will contact an attacker 10% of the time (Chan-Tin, et al., 2011). A node that is the neighbor of a "victim node" will remain there for 32 iterations, which will allow others to contact it and spread the attack (Chan-Tin, et al., 2011).

All the node that is attacking needs is just enough time to "touch base" with other nodes, and then the node can spread the attack to more and more nodes as they all contact one another over time. What seems like a long process really is not, because nodes contact one another very rapidly in order to move information through the network. With the rapid contact they have, nodes spread attacks such as the frog-boiling attack much more quickly than most would easily assume (Chan-Tin, et al., 2011).

After 32 iterations, there is a very high probability (more than 96%) that an attacker node will be a "neighbor" of a victim node (Chan-Tin, et al., 2011). When there is at least one attacker node in the neighbor "list" of a victim node, that victim node can be targeted quite easily. In Pyxida, there is a neighbor list update every 10 seconds so the current force can be calculated (Chan-Tin, et al., 2011). Every time this is updated, the victim node adjusts its coordinates to move a little bit closer to the target coordinates it needs for the attack to be effective. The nodes that are attacking only focus on the victim node. They do not respond to other nodes, and so they are not noticed by the system in any way (Chan-Tin, et al., 2011).

The variance changes in the victim node are so small that they, too, are not noticed. They fall within the tolerance levels required for that particular node each time they change, so there is no alert that a problem is brewing (Chan-Tin, et al., 2011). Because other nodes are not aware of the attacker nodes, and because the victim node is changing so incrementally as to avoid being out of tolerance or accepted variation, it is clear that the attack is effective when carried out correctly on the right type of system. Any kind of outlier system for detection, therefore, is not suitable for security when it comes to a network coordinate system (Chan-Tin, et al., 2011). It is simply too easy to attack the system and make changes to it.

The attack works because the victim is moved to a new location in small steps, instead of attempting to make a large move that would surely be detected by other nodes in the network. The new location for the node is insignificant for the purposes of showing that there can be an effective attack that will change node coordinates and that will not be noticed by the other nodes or by the system itself. By varying the number of attackers and the change in coordinates, an attack on a victim node and its network can be slowed down or sped up at will (Chan-Tin, et al., 2011). The only requirement is that the change in coordinates be small enough each time so as to go undetected. Other than that, there is little else that needs to be done and that can allow for large attacks over significant areas of the network, even when the network is designed to be secure and has been tested to have a very low tolerance level when it comes to changes that can be made to it internally or externally (Chan-Tin, et al., 2011).
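The detection gap described above can be seen from the defender's side in the following added example, which is not code from the paper or from Pyxida. It assumes a 2-D coordinate trace, and the thresholds `STEP_LIMIT` and `DRIFT_LIMIT`, the function names, and both traces are constructed for illustration; it also assumes the first samples form a trusted baseline.

```python
import math

STEP_LIMIT = 5.0    # assumed per-update outlier threshold (ms)
DRIFT_LIMIT = 25.0  # assumed bound on net displacement from baseline (ms)

def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])

def per_step_filter(trace, limit=STEP_LIMIT):
    """Indices rejected by a filter that compares each update only
    with the coordinate immediately before it."""
    return [i for i in range(1, len(trace))
            if dist(trace[i], trace[i - 1]) > limit]

def drift_monitor(trace, baseline_n=10, limit=DRIFT_LIMIT):
    """First index whose distance from the centroid of the first
    baseline_n samples exceeds limit, or None if none does."""
    base = trace[:baseline_n]
    centroid = (sum(p[0] for p in base) / len(base),
                sum(p[1] for p in base) / len(base))
    for i in range(baseline_n, len(trace)):
        if dist(trace[i], centroid) > limit:
            return i
    return None

def constructed_traces(n=120):
    """Constructed sample data: a stable node with small jitter, and the
    same node with 1 ms of extra displacement per update after index 10."""
    jitter = [(0.0, 0.0), (1.5, -1.0), (-1.0, 1.0), (0.5, 0.5), (-1.5, -0.5)]
    honest = [(50 + jitter[i % 5][0], 50 + jitter[i % 5][1])
              for i in range(n)]
    drifting = [(x + max(0, i - 10) * 1.0, y)
                for i, (x, y) in enumerate(honest)]
    return honest, drifting

if __name__ == "__main__":
    honest, drifting = constructed_traces()
    for name, trace in (("honest", honest), ("drifting", drifting)):
        print(name,
              "step rejections:", len(per_step_filter(trace)),
              "drift alert at:", drift_monitor(trace),
              "net move: %.1f ms" % dist(trace[0], trace[-1]))
```

The per-step filter rejects nothing in either trace, while the comparison against a fixed baseline flags the drifting one. Legitimate latency changes also move coordinates, so a baseline bound of this kind has to be tuned and periodically re-anchored through a trusted path.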

The number of attack nodes and the level of variance the victim node can tolerate can affect how quickly the network is disrupted. For example,…

Cite This Term Paper:

APA Format

Frog Boiling Attack Limitations of Secure Network Coordinate Systems.  (2012, April 29).  Retrieved November 21, 2019, from https://www.essaytown.com/subjects/paper/frog-boiling-attack-limitations-secure/8390031